Event Search

News in a Minute Weekly Roundup | September 1

September 01, 2017

By Marcos Colón

A roundup of the top news stories in information security this week, including researchers discovering the largest spambot to date, the infosec industry is booming in India, and cybercriminals taking advantage of the Hurricane Harvey news.

RANSOMWARE

Defray Ransomware Targets Healthcare and Manufacturing Sectors

A new ransomware strain is wreaking havoc on businesses in the healthcare, manufacturing, and education sectors. The highly targeted malware was discovered by researchers at security firm Proofpoint. Defray propagates via emails that contain malicious Microsoft Word documents embedded with an executable OLE packager shell object. Each campaign is said to demand a ransom of $5,000.

Citing his “insufficient attention,” a quarter of the members of the National Infrastructure Advisory Council have resigned. Citing shortfalls in the administration’s approach to cybersecurity, in addition to concerns regarding the Trump administration’s “moral infrastructure” of the U.S., the resignations came on Monday, August 21. A total of seven members have resigned.

Online miscreants are taking advantage of the Hurricane Harvey news to lure victims into downloading malware or making donations into phony accounts. On Monday, August 28, US-CERT issued a warning asking those looking to donate to remain vigilant for malicious cyber activity that aims to capitalize on interest in Hurricane Harvey.

Content delivery networks and technology companies that would normally view each other as competitors have banded together to dismantle one of the largest mobile device bonnets ever recorded. Detected on August 17, the WireX botnet was launching DDoS attacks on a number of industries including hospitality, porn, and gambling, in addition to domain registrars. The attacks were emanating from tens of thousands of Android devices.

Although the technological landscape hasn’t changed too much, the real evolution tied to connected devices come in the form in which cybercriminals leverage them for their dirty deeds. In a recent video interview with Justin Fier, director of cyber intelligence and analysis at Darktrace, he discusses the impact that IoT attacks have had on enterprises and highlights what security managers can do to face these challenges head on.

This year alone, spending on information security solutions is expected to grow 12% to $1.5 billion, according to Gartner. Spending increases are also expected in 2018. Right now, security services are 63% of the country’s total enterprise market and is expected to continue to grow by 66% going into 2021.

A Paris-based security researcher has discovered what’s considered one of the largest spambots to date. Dubbed “Onliner,” the spambot is used to deliver the Ursnif banking malware into millions of inboxes. Thus far, the researcher told ZDNet that the malicious campaign is responsible for more than 100,000 unique infections across the world.

Security researchers at ESET have released new research that points to ties between the Russian cyberespionage group Turla and the “Gazer” backdoor malware. The connection was made due to the many commonalities between the group’s previous operations, such as delivery methods, anti-detection features, and targets, and how the Gazer spyware is used.

A new study by Symantec’s Internet Security Threat Report points to another big year for ransomware attacks. After analyzing the 319,000 Symantec-blocked ransomware incidents in the first half of the year, the security firm is expecting the number of attacks this year to surpass the 470,000 incidents in 2016 easily. On average, cybercriminals are charging $544 for ransom per device.

A vulnerability in a popular WordPress plugin that’s used by 28% of all online stores has been addressed. The WooCommerce Product Vendors WordPress plugin was affected by a cross-site scripting vulnerability. Versions 2.0.35 and earlier were impacted by the flaw, which could allow an attacker to hijack sessions ultimately. Site owners are being urged to patch the vulnerability immediately.

As MISTI’s content marketing lead, Marcos spearheads the brand’s content marketing strategy, implementing a process to deliver high-quality insight to information security and internal audit professionals. Prior to working with MISTI, he served as the online editor for the award-winning SC Magazine, a prominent B2B IT security publication. He also served as a senior editor at NewsCred, a prominent content marketing agency, where he provided content strategy guidance for leading brands that include Discover, IBM, Visa and Bloomberg.

MISTI Newsletters

Quick Links

MIS Training Institute is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org.